Welcome New Fellows: Chao Yin Kuo and Patrick Murck

Chao-Yin Kuo has been a public prosecutor in Taiwan for the past 14 years. She has spent her career investigating and prosecuting a variety of criminal cases, including embezzlement of public companies, corruption, cyber-crimes, intellectual property violations, drug dealings, gang organizations, food and medicine safety, and credit card fraud.

Describe your typical day as a prosecutor specializing in cybercrimes. What tasks are involved?

I am responsible for dealing with different kinds of criminal cases regulated by law. Being a public prosecutor is never an easy task. My every day at the office is always demanding and challenging. But I feel pretty passionate and proud of what I do. I have lots of excellent co-workers, amazing supervisors and many more individuals who always support me and offer unique perspectives that help me do my job better.

For those who are not aware of Taiwan's legal system, could you briefly describe the structure of courts in Taiwan generally and also with specific reference to your practice?

Our legal system, in a nutshell, is like most of the legal systems in western countries. In terms of judicial levels, we have district courts, high courts, and the Supreme Court. In terms of different field of functions, we have civil courts, criminal courts, and administrative courts. I, as a public prosecutor, is part of the criminal judicial system, belonging to the Ministry of Justice.

How big a problem is cybercrime in Taiwan? Could you tell us about the most challenging or interesting case you have handled?

The internet becomes a convenient tool for almost everyone to connect worldwide. New technologies are invented quickly, and smart phones or other digital devices, such as apps or online tools, are prevalent, handy and affordable. Consequently, cybercrimes are inevitably and has become an important issue to every nation in the globe, including Taiwan. Hence, we track down those criminals with our proficiency and without hesitation.

Coming from India, a big problem I observe is the inability of legal systems to keep up with new technologies and effectively regulate them. Do you find this to be an issue in your work as well? As a prosecutor, do you find that the Taiwanese cybercrime framework allows you to access all the tools you need to discharge your duties? Are there any reforms you would like to see (for example, more powers concerning digital search and seizure, offensive network discovery by law enforcement etc.)

Although technologies change rapidly, we always keep up with every new things to accomplish our investigations. We have plenty of high-trained, well-prepared, and intelligent police officers with cutting edge equipment to deal with cybercrimes. Also, we have solid criminal laws and well-functioned judicial systems that can put criminals in jail. In addition, we are highly keen of criminal laws. If we are aware of something that needs to be changed, we would do it wisely so that criminals don’t have any advantages against us.

I understand your area of research at the Berkman Center is to be centered on trade secrets law with reference to cybercrimes. I was wondering if you could tell me a little about how you grew interested in this area and what questions you are hoping to answer?

Taiwan is full of high-tech companies. They devoted lots of time, capital, efforts, man power and so on to conduct research and development. Either they discover new things successfully, or they find out what is not going to work, both of which significantly impact their industry. Their outcome is worthwhile and needs to be fully protected. We make the resolution to prevent their intellectual property from being stolen so that everything they’ve done would not be in vain. We do not allow someone else to unlawfully take advantage of the fruits of other’s labor. In order to make sure we have the legal environment in which no one dares to take the risk of stealing other people’s treasure in any means and form, especially through the internet, I have a strong desire to learn more from the ways and the regulations implementing in the US. I hope to dedicate what I’ve obtained here to the criminal judicial system in my country.

Today, there are a number of large-scale intrusions being committed around the world. Many of these including the Hacking Team and Sony attacks concern trade-secrets or other sensitive information being released to the public. Do you have any advice for commercial entities to operate safely online?

For commercial entities, they need to have the awareness of the trade secret protection issues, including intentional hacking actions. They could acquire legal provisions by consulting their lawyers and seek for proper methods to guard what matters to them. Moreover, they could recruit royal intellects to watch the company systems. The more they prepare, the better they could handle potential cyber world attacks.

In an area such as trade-secrets, prevention is always better than cure/mitigation, what would you advice to prevent such crimes from being perpetuated? For example, would you recommend stricter criminal penalties or would you argue against anonymity online and the wide use of privacy-tools such as Tor?

Although technology is designed for human beings, nevertheless, what really matters are always the human themselves. That is to say, anything convenient has to be used towards good will. Accordingly, proper systems, professional capabilities, executive force, and merit culture are crucial to companies. Having stricter criminal penalties might be one of the ways. However, many respects should be taken into account before doing that, including education, social welfare, criminal psychology research, penology study, repeating crime statistics, motivation survey, and so on. I believe both external legal systems and internal corporate governance are essential to prevent these crimes.

Patrick is a lawyer and expert on bitcoin and blockchain-based technologies. He will conduct research into the law and policy implications of bitcoin, distributed ledgers and smart contracts. Previously Patrick was a co-founder of the Bitcoin Foundation where he served at times as General Counsel and Executive Director.

Would you mind introducing your work, and talking a bit about where you hope to take it during your time at Berkman?

It’s kind of a tricky question. I have done a few different things in the Bitcoin ecosystem, and some of it has been fun and exciting and engaging and some of it has been more like scut work. I was a cofounder of the Bitcoin Foundation , among other things, been involved in some startups in the space, and startups before that in the financial services space and digital currencies space as well, so I’ve been looking at a lot of these issues and seeing them evolve.

I remember when I first read the Bitcoin white paper, I was pretty intrigued by how it cleverly solved a number of problems, in particular on the legal side. At the time I was working in a digital currency startup and we were doing a centralized digital currency system. We joked that they had open sourced our business model — when I read the white paper — so maybe we should do something else. The white paper cleverly sidesteps a lot of the regulatory issues that were preventing centralized digital currency providers from providing services to people in their communities. By having no central point of failure, you don’t have a lot of the same burdens that… those startups [face].

Building on that, I’ve been involved in the space, found different areas where I could contribute, helped found the Bitcoin Foundation, and we wanted to provide technical resources back to the community… and then also developing a public policy platform/framework to start regulatory engagement as well. It seemed pretty critical that some outreach happen — proactively — because a lot of the conversation was already happening in DC, at the state level, and even internationally, around Bitcoin, and it was being shaped by people who didn’t have a good understanding of the technology underlying it, and what the purpose was. And so we wanted to make sure we corrected the record, and let both FinCEN and the law enforcement community understand what Bitcoin was, that this wasn’t just a scheme to help people launder money and do elicit transactions on the internet, that there was a bigger picture here. That was the start of it, and we did some engagement in DC both in person, through filings, and of course, coordinating the Senate hearings and testifying there. That was important and it helped set the stage for a good conversation around the benefits that Bitcoin and the block chain offer, globally and in the US, and helped people understand that there was a balance that could be struck between mitigating some of the risks, and capturing the benefits.

So that was interesting work, and there are some other people who have taken up more of the advocacy role now, in the ecosystem which is good, and it’s interesting for me to kind of get back to some of the bigger questions: What does it mean to own a bitcoin; what is a bitcoin? There are no coins, so what exactly do you own? What are your ownership rights? Where to ownership rights attach? Is it to private keys, is it to encrypting outputs, where exactly do those rights attach? This is going to be important when you think about things like how the UCC applies to Bitcoin, how Bitcoin is taxed, and then of course, who is responsible for transactions that fail, or fraud on the network, things like that.

That’s some of it, as far as the research topics. I’d love to get into the taxonomy that people use, I think for some audiences, the idea of miners and coins and wallets can be useful but, those analogies, those old analogies, are impeding the development of sensible policies and regulations right now. There are no wallets and there are no coins. No one’s mining anything. There are people who are securing transactions, there are people who are broadcasting transactions. There are keys, there are keychains. These things are harder to understand for a lay audience, but if you are going to be developing regulatory frameworks, you’re really going to need to understand how the system actually works, not just an abstraction of it.

I know that after the Bitcoin hearings at the end of 2013, Bitcoin emerged with a fairly positive public opinion, and I’m wondering why you think that the translation of something so initially esoteric like Bitcoin managed to come off so well in the public eye when so much seemingly less out-there technology doesn’t fare nearly as well.

We did a good job, I guess. I think there are elements of Bitcoin that appeal to everybody. Bitcoin’s often portrayed as libertarian technology or something of those sorts, but liberty is not the exclusive domain of libertarians. I think people in general believe in human empowerment, and human dignity, and liberty, and so you can have those conversations with people and can show them that the financial system as it’s constructed right now is failing a huge percent of the world abroad and also here in the US. And why is it that those networks, those financial networks, are closed and privileged? And why can’t we develop a system where people have open access to those systems, where access is flat and democratized? That’s the story of technology in general: to democratize the things that were once the exclusive province of people who are wealthy and privileged. Now when you start talking to people, whether democrats, republicans, libertarians, socialists, everybody tends to agree on those things. And so finding those, that common ground, I think is important, going forward. And I think it was important back then to set the stage for a healthy conversation.

That explains people who are not necessarily in regulatory roles. But do you think that we can use the same explanation for people who are in more regulatory roles?

I think it’s underestimated how much frustration there can be with the existing system. Both for people who are operating within it and people regulating it, people who are affected by it. I think everybody kind of has some recognition that the ways things are today is suboptimal. So when you talk to the law enforcement community, you can show that there’s actually unprecedented transparency across the network, and they can look at the block chain and they can see the flow of transactions, and maybe they’d be better served — instead of collecting information about every single person, for every single transaction, and having all that data silo’d into different financial services, financial institutions, where they actually act as the insurer in their own little silo’d environment — by having all that data outside of the silo. They can start tracking transactions in a better way. And they can issue warrants that are more specific to actual incidents of illicit activity.

So it benefits the law enforcement community that way, once they can start to analyze the entire financial network at once, and have more targeted information requests, that also benefit civil libertarians that value privacy, because now you’re not having to share your personal information across so many different service providers, and you can again, have more targeted approaches to resolving instances of illicit activity. When you look at people who regulate markets, they love transparency. So all of a sudden, you have taken this data, you’ve moved it out of these silo’d institutions, you’ve broadcasted it across an open network, so, you can see if there’s market manipulation, or other things. You have better insight into that happening. It’s not perfect insight, in either case, and certainly things are a little bit different, but you have more insight than you can possibly have in the existing system.

I was trying to explain to someone the other day how Bitcoin differs from money, or national currencies, when both are abstractions at this point. So that answers that question far better than I was able to answer it, but would you be able to go a little more into how Bitcoin differs from national currencies?

It’s questionable right now whether it’s a currency at all. I like to think of it as more of an asset with hopes of it being a currency. It’s used in some instances as currency, but not that often. It’s more used as an asset. To me, when I think of Bitcoin, I think of it as the first native digital asset. It’s a proof-of-work asset.

You can try to understand the distance between digital economy and a digitized economy. A digitized economy is like a Bank of America checking account. There are supposedly little paper dollars floating about that are represented by bits in their system; they’ve digitized money. Digital money is different. It’s native to the block chain, it’s native to the proof-of-work that is creating value for it. And so you have this asset, and sometimes assets can be used as currency, sometimes they’re just used for speculative investment, or they’re used for other purposes: securing other assets on the network, and things like that.

So, how it relates to national currencies: you’ve got a different central bank, essentially, issuing it, with different rules. Instead of having a single political institution that is issuing this asset and creating the rules around the market, you have a piece of software — an algorithm — that creates this asset, and sets the rules for it. Sets [the rules] in advance. And that’s how the asset is initially distributed.

I think that part of the learning, again, is just trying to bridge where the technology is and what it can do back to something useful and practical. You were talking about the law enforcement community or regulators, for example, so bridging that back to their concerns [might involve] talk[ing] about market transparency. We don’t need to get into digital gold and all that other stuff; that’s not necessarily useful for that conversation.

That makes me wonder: with Bitcoin — and we assume that it is something that could be really widely applicable and helpful — it seems to me at the moment that there is quite a barrier to entry what with understanding how to use a wallet, and understanding even the culture that Bitcoin has come from. So do you think, does Bitcoin aspire to be really widely used, and if so, how would it do that? How would it become that?

I don’t think anyone has good answers for that question. How it gets to be widely used, or even if it should be widely used. I think that that is still something that is in some ways being actively debated. Whether it is using the Bitcoin blockchain and whether the whole world should be using it for all their transactions as currency, or whether you would think of the Bitcoin block chain as sort of like a base-layer transport layer, like fiberoptic cabling, that other services are built on top of, that facilitate different transactions types. You get into this idea of side chains, and two-way pay chains, and whether that’s a better way to reach out to different markets and different verticals. And I don’t think that anybody knows the answer to that right now. We’ll all figure it out as it happens. Or, most likely, we’ll all describe it after the fact.

I know there are a lot of startups around digital currency and crypto currency right now, but is usability something that those startups are really focusing on right now, or is that less of a conscious effort?

The smart ones are focusing on it right now. There’s a lot of loud noise and very little signal in the space. That’s very clear. Usability is a big issue.

Usability comes in different contexts. Whether you’re building services for other bitcoin companies to make using the network easier, like say, Chain or BTCJam or BitGo, usability is different, because command line interface may be the best usability tool for other developers who are building off of those platforms, whereas if you’re Blockchain, Circle, or Coinbase, then you’re focused on a consumer market, and then you need to have those “wallets” — mobile wallets — that people can understand, that look like Venmo, or that are slick and don’t [make users] have to think about the fact that they’ve got all this complicated code running in the background to secure their private keys.

Would it be important to have a single, more centralized way of interacting with bitcoin or is it inevitable and also fine if there are millions of different ways to store, and spend and exchange?

Diversity is good. So the more different implementations of Bitcoin that there are out there, the better. The more services that are built on top, the better. And especially in the early days. Because nobody knows what’s actually going to click, with consumers in the mass market, or other types of consumers, whether it’s financial institutions or others. So diversity is good; it’s all a grand experiment. And the more experiments you can run, the better, and hopefully if somebody has a big idea and it wins, then it’s a rising tide and everybody benefits from that. So, no, you don’t want to see a single approach or some standardized approach to those things. You want to see lots of experimentation happening. That’s one of the primary benefits of a system like Bitcoin, is that because it’s open, you can try out all sorts of wacky things. Because you don’t ever know what’s going to catch on.

On the subject of diversity, can you explain the role of the Bitcoin Foundation? Because that sounds like more of a centrally located thing.

The Foundation, when it started, was probably inaptly named, to be sure. We wanted to take the model of the Linux foundation and just create a nonprofit way of funding technical research and development, and some policy work, that would support the overall community. Certainly [the goal was] not to create some sort of centralized hub or anything of that sort. It came to be viewed that way, for some, which is unfortunate, but that was never the intention. The idea of the Foundation today is more around general education, consumer education, and things like that.

I once interviewed someone, around the time of the Bitcoin hearings, who told me that Bitcoin would change the world, and for the better. He didn’t exactly explain what he meant by that, though we ended up quoting him in the article because it sounded really cool. I’m wondering, are you able to explain where he may have been coming from?

I do think that bitcoin will change the world, and block chain will change the world, and will do so for the better. When you think about technology, there’s the internet, personal computers… any of these different things, they start off as the province of the wealthy. International communication, things like that, used to be expensive, travel used to be extremely expensive, very limited only to the wealthy who could take their European tours once in a lifetime. The technology as it grows tends to have this track where it takes those things and at first it plays back into the wealthy communities that can afford to play with these things and have hobbies. But eventually it starts to trickle down. And you start seeing that things become cheaper, and faster, they become more standardized, and more and more people can start having access to these different services.

So that now, you know, anyone with a smartphone can call anybody else and have an international conversation, for free almost, if not for free, and you can see that same thing is going to happen with financial services. Whether it’s bitcoin or some other formulation of this technology, that’s where this is going. You’re going to see people start creating markets and financial services and bring it to everybody, extremely cheap, extremely open. And that I think in effect will change the world.

When you look at what keeps people poor, and why some people get wealthy — why some societies are wealthy and some societies are poor — it almost always comes down to poor institutions around financial services and property. And if you can start building global institutions that are secure, transparent, and trusted, and let everybody have access to them, you can see an explosion of wealth throughout the world. That’s why I get up in the morning. That’s why I think most people are involved in the space.